The Twitter account belonging Katy Perry was compromised Monday and used to broadcast homophobic and racist messages to the pop singer’s millions of social media followers.
An unauthorized person reportedly gained access to the “I Kissed a Girl” singer’s Twitter profile late Monday and posted a series of messages, including tweets containing homophobic and racist epithets, as well as a post directed to rival pop singer Taylor Swift and an apparently unreleased song called “Witness.”
Ms. Perry’s Twitter account is the most popular on the platform with regards to the number of followers — 89.1 million as of Wednesday — making this week’s breach one of the biggest to affect the social networking service since it launched more than a decade ago.
Twitter intervened within minutes of Monday’s breach, but not before Ms. Perry’s since-purged posts were retweeted thousands of times each.
“It could have been worse,” security researcher Graham Cluley wrote on his blog Tuesday. “Imagine if the hacker had tweeted a malicious link instead of a juvenile message to Perry’s arch-rival.”
“The potential for harm was considerable because if Katy Perry’s Twitter account has been compromise, then spammers could have exploited it,” Mr. Cluley said in a YouTube video. “They could have posted messages pointing to spammy products or maybe even malicious links which could have compromised users’ computers and maybe stolen passwords for them.”
Before being kicked off of the pop singer’s account, the person or persons who gained access to Ms. Perry’s Twitter directed her nearly 90 million followers to a Soundcloud link containing the apparently unreleased tune, and advertised their own account, @sw4ylol.
That account was subsequently suspended by Twitter, but not until after it posted a screenshot suggesting “Witness” was removed from Soundcloud due to an apparent copyright violation.
“We’ve received a report directly from Universal Music Group that your track ‘Witness 1.3’ contains ‘Witness 1.3’ by Katy Perry. As a result, your track has been removed from your profile for the time being,” the screenshot read.
A spokesperson for Twitter said the social media service does not comment on individual accounts for privacy and security reasons, NBC News reported.